Fix container restart issue

When container are restarted with podman the reestart will send the TERM signal to the entry process. Since the main entry for these container is a script running other script and waiting the singal are not propagated to the thread group making the restart hanging until a KILL signal is used but these return with an error code making the automation failing.
dogtagpki · Dec 17, 2024 · d3447ce · d3447ce
1 parent 2b3d75b
commit d3447ce
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 3 deletions.
diff --git a/.github/workflows/ca-container-basic-test.yml b/.github/workflows/ca-container-basic-test.yml
@@ -313,8 +313,11 @@ jobs:
         run: |
           docker restart ca
 
+          sleep 10
+
           # wait for CA to restart
           docker exec client curl \
+              -v \
               --retry 180 \
               --retry-delay 0 \
               --retry-connrefused \

diff --git a/base/ca/bin/pki-ca-run b/base/ca/bin/pki-ca-run
@@ -361,15 +361,20 @@ rm /tmp/sslserver.crt
 echo "################################################################################"
 echo "INFO: Starting CA server"
 
+trap "kill -- -$(ps -o pgid= $PID | grep -o '[0-9]*')" TERM
+
 if [ "$UID" = "0" ]; then
     # In Docker the server runs as root user but it will switch
     # into pkiuser (UID=17) that belongs to the root group (GID=0).
-    pki-server run
-
+    pki-server run &
+    PID=$!
+    wait $PID
 else
     # In OpenShift/Podman the server runs as a non-root user
     # (with a random UID) that belongs to the root group (GID=0).
     #
     # https://www.redhat.com/en/blog/jupyter-on-openshift-part-6-running-as-an-assigned-user-id
-    pki-server run --as-current-user
+    pki-server run --as-current-user &
+    PID=$!
+    wait $PID
 fi